Don’t be afraid of the big, bad Apple ‘Touch ID’ hack

iphone fingerprint unlocking texas 5s touchid

Apple’s Touch ID fingerprint sensor, used to unlock the new iPhone 5S, can be tricked using a “fake finger,” according to a hacker group that claims to have broken the biometric security feature. If true, the hack undermines Apple’s assertions that Touch ID provides stronger security for iPhone users than the iPhone’s 4-digit pin lock – but don’t fret: Touch ID is still a valuable feature.

Before we get into why this isn’t that big of a deal, here’s how the anti-biometrics hacker group, Chaos Computer Club (CCC), successfully bypassed Touch ID, in their own words:

First, the fingerprint of the enroled (sic) user is photographed with 2400 dpi resolution. The resulting image is then cleaned up, inverted and laser printed with 1200 dpi onto transparent sheet with a thick toner setting. Finally, pink latex milk or white woodglue is smeared into the pattern created by the toner onto the transparent sheet. After it cures, the thin latex sheet is lifted from the sheet, breathed on to make it a tiny bit moist and then placed onto the sensor to unlock the phone. This process has been used with minor refinements and variations against the vast majority of fingerprint sensors on the market.

As you can see, the hack requires that whoever wants access to the device has the ability to take a high-resolution scan of the phone owner’s fingerprint, then print that out using a high-res scanner – not exactly an easy feat, or one that is easily repeatable in everyday life (as opposed to CCC’s intentional test of the security system, in which all parties were presumably complicit). Still, according to CCC spokesman Frank Rieger, the fact that this hack is possible should dispel “the illusions people have about fingerprint biometrics.”

“The public should no longer be fooled by the biometrics industry with false security claims. Biometrics is fundamentally a technology designed for oppression and control, not for securing everyday device access,” he added.

While it is disappointing that someone was able to trick Touch ID using simple methods, there are a number of reasons to take this hack with a grain of salt.

First, the easy-to-use nature of Touch ID is sure to increase the number of iPhone owners who lock their devices. Before the release of the iPhone 5S, a mere 50 percent of users locked their devices at all. Now that Touch ID is an option, that number will almost certainly increase.

Second, the CCC hack, though doable, is still a giant pain in the ass. Most thieves, I’d guess, do not have the knowledge, skill, tools, patience, or wherewithal to recreate the CCC hack. So if you’re device gets stolen, Touch ID will still do its job just fine.

Third, Touch ID still provides ample protection from the people we most want to keep out: Snooping family member, roommates, co-workers, and other people close to us. On that front, it keeps people out better than the 4-digit pin without the minor hassle of entering the pin every time the device is used.

Finally, as it’s currently configured, it is still possible to access a locked iPhone 5S using only the 4-digit pin – just swipe the screen, and the 4-digit pin unlock option appears, no fingerprint needed. Apple can, presumably, add an option to iOS 7 that allows a user to require both the fingerprint scan and the 4-digit pin to unlock the device. Do that, and the CCC hack will no longer work. I’d guess Apple will release this option once more people have become comfortable with Touch ID.

There are other reasons to be concerned about Touch ID. Minnesota Democrat Sen. Al Franken recently detailed some of them in a letter about the feature to Apple CEO Tim Cook. But the CCC hack just isn’t something to lose sleep over.

Product Review

‘Just Cause 4’ is mindless fun that leaves little room for much else

Just Cause 4 revels in explosions and over-the-top action, but its world feels empty and hollow. With few new ideas and a stale open world, it's a fun but shallow piece of escapism.

Upcoming Samsung Galaxy S10 trio may all have different camera setups

While we still may be months away from an announcement, there's no doubt about it: Samsung is working hard on its successor to the Galaxy S9. Here's everything we know about the upcoming Samsung Galaxy S10.
Movies & TV

Lose the torrents. Here's how to watch 'Game of Thrones' online (legally)

Game of Thrones is one of the most popular shows on TV, but unless you're a cable subscriber, finding a way to watch isn't always easy. Check out our guide on how to watch online, whether you prefer using HBO, Hulu, or Amazon.

Best deals on smart locks so you’ll never have to worry about unlocked doors

Is your front door locked? We found the best deals on smart home door locks that take the worry out of wondering if your home is secure. You can lock or unlock your doors remotely and some models let you control locks with voice commands.

Apple's iOS 12.1.1 makes it easier to switch cameras in FaceTime

After months of betas, the final version of iOS 12 is here to download. The latest OS comes along with tons of new capabilities, from grouped notifications to Siri Shortcuts. Here are all the features you'll find in iOS 12.

5G Coverage

Curious about the many ways 5G will change and enrich your life? Here’s our guide to all things 5G.
Social Media

Instagram could be making a special type of account for influencers

Instagram influencers fall somewhere between a business profile and a typical Instagram, so the company is working on developing a type of account just for creators. The new account type would give creators more access to analytical data.

The Galaxy A8s is Samsung's first with a hole-punch camera cutout

Samsung is building exciting, technologically innovative midrange phones, and the latest to be revealed is the new Samsung Galaxy A8s, which may give us an idea of what the new Samsung Galaxy S10 will look like.

Looking for flexible and inexpensive phone service? Check out our favorite MVNOs

Looking to switch from a major carrier to something a little more affordable? Luckily, there are a ton of great MVNO options to choose from. Check out our guide to the best MVNOs, from Boost Mobile to Google Fi.

Best Products of 2018

Our reception desk has so many brown boxes stacked up, it looks like a loading dock. We’re on a first-name basis with the UPS guy. We get new dishwashers more frequently than most people get new shoes. What we’re trying to say is: We…

Puma revives its classic 1986 smart shoe, complete with high-tech heel hump

More marketing stunt than serious effort to dominate the smart shoe space, Puma is about to re-release its classic RS-Computer Shoe. The high-tech footwear from 1986 was a breakthrough at the time, despite its unsightly heel hump.
Smart Home

Uber Eats is testing a system for cheaper meal delivery

You know how Uber Pool offers cheaper trips if riders share a car? Well, Uber Eats is currently testing the same idea for meal delivery, and it could mean cheaper orders for customers.

New Apple Watch begins saving lives one week after getting EKG feature

The Apple Watch Series 4 was updated almost a week ago with a new feature that allows users to take electrocardiogram tests -- and already it seems like the new feature is saving lives.

The best smartphone stocking stuffers for a very techy Christmas

If you've got a tech-loving smartphone enthusiast to buy for, we can help you out. Here's a selection of top phone accessories that would make amazing stocking stuffers so you can have a very Merry Christmas.